Category Archives: Cloud Computing

The PowerShell cmdlet below, Get-AzureRmVMStatus, helps to you get a list of Azure VMs and their status (PowerState) within a given resource group. You can supply a VM name filter if you want to enclose only specific VMs in the result.

PowerShell

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

<#

.SYNOPSIS

Get a list of Azure VMs and their Status within a given resource group.

.DESCRIPTION

The Get-AzureRmVMStatus helps to you get a list of Azure VMs and their

status (PowerState) within a given resource group. You can supply a

VM name filter if you want to enclose only specific VMs in the result.

.EXAMPLE

Get-AzureRmVMStatus -ResourceGroupName 'myrg01'

.EXAMPLE

Get-AzureRmVMStatus -ResourceGroupName 'myrg01' -Name '*desktop*'

.NOTES

Author : Frank Peter Schultze

Date : 2016-05-19

#>

functionGet-AzureRmVMStatus{

[CmdletBinding()]

param(

#The name of a resouce group in your subscription

[Parameter(Mandatory=$true)]

[string]

$ResourceGroupName

,

#VM name filter

[Parameter()]

[string]

$Name='*'

)

Get-AzureRmVM-ResourceGroupName$ResourceGroupName|

Get-AzureRmVM-Status|

Select-Object-PropertyName,Statuses|

Where-Object{$_.Name-like$Name}|

ForEach-Object{

$VMName=$_.Name

$_.Statuses|

Where-Object{$_.Code-like'PowerState/*'}|

ForEach-Object{

New-Object-TypeNamepsobject-Property@{

Name=$VMName

Status=$_.DisplayStatus

}

}

}

}

The usage of this function is as simple as…

PowerShell

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

PSC:\>Get-AzureRmVMStatus-ResourceGroupName'myrg01'

Name Status

----------

mylabaddsdc01 VM deallocated

mylabdesktop01 VM deallocated

PSC:\>Get-AzureRmVMStatus-ResourceGroupName'myrg01'-Name'*desktop*'

Name Status

----------

mylabdesktop01 VM deallocated

PSC:\>

Of couse, you need to log on to you Azure subscription before. (Login-AzureRmAccount)

In the field, occasionally I stumble over Azure AD or Office 365 support scripts that contain hard coded credentials for the Connect-MsolService cmdlet. This is mainly because these scripts are intended to run regularly in the background and therefore need to establish a connection without user interaction (caused by Get-Credential). With this post I want to draw attention to a smarter approach that eliminates the risk of exposing plain-text passwords in script files.

In fact, saving/restoring credentials to/from file is the perfect use case for Export-CliXml and Import-CliXml. You can pipe any object to Export-CliXml. It creates an XML-representation of the object and saves it in a file. You can re-create the object based on the XML file with Import-CliXml. The best thing about it is that the Export-CliXml cmdlet encrypts credential objects with DPAPI to make sure that only your user account can decrypt the contents of the original credential object.

In the code above, the file in which the credential is stored is represented by (‘{0}.credential’ -f $MyInvocation.MyCommand.Name) which resolves to the file name of the script plus the .credential suffix. The file will be saved along with the PowerShell Profile ($profile). If the .credential file exists the code will leverage Import-CliXml to restore the credential object, if not it will invoke Get-Credential and save the credentials with Export-CliXml. In either case the credential variable exposes the credential object.

Please note anyway: Generally you should avoid storing credentials in plain-text files. Opt for this approach only if there’s no better alternative.

The other day I was checking out the Emulated Automation Activities module that, according to its author Joe Levy, “provides a PowerShell ISE-friendly implementation of all the SMA-only activities, using the SMA cmdlets behind the scenes”. The module works fine but in case of nested runbooks you would have to develop a corresponding emulation command for each inline call in order to test outside of SMA. As to me, the bottom line is that EmulatedAutomationActivities is fine for developing and testing child runbooks separately with ISE and as far as parent runbooks are concerned I opt for testing within SMA.

To be able to quickly upload a finished runbook definition to SMA (in my evaluation lab) and load an existing runbook definition into ISE I created two ISE Add-on menu items:

Both options require the SMA PowerShell Module.

The “upload current file …” option requires a common PowerShell file with a runbook definition in the current tab and considers the file name as runbook name. If the runbook name already exists in SMA it transfers the file as a new draft for the correspondig runbook (it overwrites an existing draft). If the runbook name doesn’t exist it simply imports the file into SMA.

The “load runbook …” option opens a list of all current runbooks in a gridview window. After selecting the runbook in question and klicking OK it will open the runbook definition in a new ISE tab.

Please note that, with regard to production environments and continuous integration, the information contained in this post is only suitable to a limited extent. With this post I just want to provide some starting points.

Hope this helps

Disclaimer: I hope that the information in this post is valuable to you. Your use of the information contained in this post, however, is at your sole risk. All information on this post is provided “as is”, without any warranty, whether express or implied, of its accuracy, completeness, fitness for a particular purpose, title or non-infringement, and none of the third-party products or information mentioned in the work are authored, recommended, supported or guaranteed by me. Further, I shall not be liable for any damages you may sustain by using this information, whether direct, indirect, special, incidental or consequential, even if it has been advised of the possibility of such damages

When using the Cmdlets of the Service Management Automation (SMA) PowerShell module, all actions are targeted against a SMA Web Service and therefore have a required parameter called WebServiceEndpoint. If you’re kinda stressed out by repetitively typing this parameter value, you can define a default parameter value in your Windows PowerShell session to set the value automatically. For example, in your PowerShell profile script, use the following command to set the default value for the WebServiceEndpoint parameter for all related SMA Cmdlets:

Is your organization still pursuing a non-Cloud strategy? If I’d ask you why I bet you won’t be stuck for an answer. You or your CIO would tell me that Cloud Computing doesn’t meet your requirements in terms of security for example. It’s your valid decision and that’s fine by me. But may I ask another question? Do you apply exactly the same standards you used to define your Cloud investigation criteria for your current IT operational concept? Really?

So, let’s stick at security as I guess it’s one of your main concerns regarding Cloud. Usually, Cloud security concerns cover all aspects related to a Cloud Reference model. Mostly the Cloud Provider has to undertake that the IT Infrastructure is secure and that the tenants’ data are protected. In order to ensure this demand on security the Cloud Provider has to implement several defensive controls that detect and prevent attacks and also reduce the impact of attacks. It’s about reducing the overall attack surface and Cloud Providers need to be pretty good in this discipline – not least because they are constantly in the public eye. Cloud Providers who want to continue to exist have to face up to each security concern.

Now I ask you again. Does your traditional IT meet the same level of security that you have set to evaluate Cloud Computing or do you have double standards? I see, you have firewalls, backup, desaster recovery, antivirus, data encryption and so on – so why bother. I’ll tell you why bother. All these security thingies are firstly just tools and guidelines. But did you ever consider who operates this? Of course your IT department, or spin-off, maybe assisted by external workers. But do you really know what they do or do you rather implicitly trust them? In the latter case the IT department is in a blind spot from business perspective. Quite foggy, right? Fog… Cloud… Frankly speaking you should consider your IT department as a separate attack surface, perhaps it’s the weakest link in your security strategy.

First of all, in order to reduce this risk you should get in touch with your “IT crowd”, not just the CIO. Your business relies on these gals and guys. They are in a key position to proverbially shutdown your business. Listen to them carefully, be thankful and be willing to reward them. Maybe you’ll realize that you need a change in your organization’s culture if you will. Go ahead! Invoke a cultural movement driven by the management. At the end of the day it should be possible for any person to give any person a bit of one’s mind regardless of the hierarchy or command structure, because exactly the opposite leads to vulnerability. Think it over.

From a technical perspective, ironically, your IT department can benefit from the lessons learned in Cloud Computing. Here’s an example. Since this blog is mainly about Windows PowerShell I take the liberty and draw your attention to Just Enough Administration (JEA) (Download Whitepaper). It’s based on technology you should already have in place and helps your organization “reduce risk by restricting operators to only the access required to perform specific tasks”.

Just building a Cloud doesn’t imply successful business. First of all you need a clear vision on how Cloud Computing can enable or improve your business. This vision will enable you to found a solid Cloud Computing strategy. And with this strategy you’ll “go cloud” successfully. Sounds straightforward, but it isn’t. You need to consider several key issues:

Good understanding of IT service – offering Cloud services involves building a service portfolio and defining service-level-agreements (SLA) for example.

Market analysis – is there a real need of your Cloud services?

Competitor analysis – are you competing against similar Cloud services?

Business case analysis – how is the ratio of the profit (or loss) relative to the cost basis resp. the return on invest (ROI)?

Steady benchmarking tests – or: continuous competitor analysis

Especially in case of Cloud Computing it is mandatory to tightly align business and IT because IT executes the business strategy, or more specifically, when delivering Cloud services to users/customers IT is acting as a business for itself with something to sell – that is the Cloud services.

To conlude, building a Cloud implies previous realignment of the business structure. With this concluding words I go into the weekend.

with this post I start a blog series about Cloud computing with the objective of promoting the next evolutionary step in the history of Information Technology.

While the Cloud hype might be annoying at first sight, it indicates on the other hand the dimension and importance of the underlying fundamental challenge: IT is evolving in order to support the changing business needs. Cloud computing is agile computing. And agility of IT enables organizations to be leaders in global economy. From the very high level perspective, Cloud computing is nothing more than about sharing IT infrastructure and managing application workloads in a highly efficient manner.

Among the variety of Cloud computing definitions the National Institute of Standards definition is gaining more and more popularity:

Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

This model is composed of five essential characteristics, three service models, and 4 deployment models.

Cloud computing characteristics:

On-demand self-service

Resource pooling

Rapid elasticity

Measured service

Broad network access

Cloud computing service models (XaaS):

Saas – Software-as-a-Service

PaaS – Platform-as-a-Service

IaaS – Infrastructure-as-a-Service

Cloud computing deployment models:

Public Cloud

Private Cloud

Community Cloud

Hybrid Cloud

I think, no, I hope that the Cloud hype will reach its zenith during this year. Before Cloud computing finally enters the stage of pure productivity we will, sad to say, experience prestages like the burst of the wishful-thinking-bubble, followed by the “Trail of Tears”, and then the “Age of Enlightenment”. At the end of day, when Cloud computing has passed all these stages, it will be no longer cool meaning that it will be a mature computing model that just simply works – just like virtualization nowadays. By the way, do you remember the virtualization hype a few years ago…?

So, there’s absolutely no rush to switch to Cloud computing as soon as possible. Many companies are building cloud services today and some are more successful than others. Do you know what I mean? While some companies just try to “go cloud” and fail, others evolve a Cloud computing vision for their business first – a vision that uses Cloud computing as an enabler.